Bohack

Check In and Tune Out!
  
 
« Windows Server 2008 R2 Breaks WPAD
Allowing Non-Administrators To Install Fonts In Windows 7 »

Windows 2008 Firewall and Remote Administration



Windows Advanced Firewall and Security is an excellent “feature add” to the Windows Operating System. In Windows XP Service Pack 2 the Firewall was introduced and was only able to block inbound and was just annoying outbound. In Windows Vista and Windows Server 2008 it was revamped to be bidirectional and included IPSEC and Connection Rules. Windows 7 also inherited the revamped and improved firewall as well as Windows Server 2008 R2.

Strictly speaking of the Windows 2008 / R2 operating system; the firewall is on by default and until you add a role, it is blocking everything inbound. By default it does not block any outbound traffic, but can be configured to do so. Since the server blocks everything inbound by default including PING, people often turn off the firewall in hopes to gain some control. This is not something you want to do, the firewall helps to lower your surface area of attack. In production environments I have network DVRs, domain controllers and file servers with the firewall on and all are working fine.

However if you try to connect to the server remotely with you computer management tools like event viewer, device manager, services or local users and groups: you’ll receive and error stating the RPC service is unavailable. One such error I received was “Event Viewer cannot connect to computer ‘server’. The Error reported is: The RPC server is unavailable.” Even after a role is configured the RPC server is blocking inbound requests to management interfaces in the Windows Server 2008 OS; this is normal and expected behavior. The inbound requests are to something called an end-point mapper, which is run within an svchost process.

Event Viewer cannot connect to computer 'server'. The Error reported is: The RPC server is unavailable.

To fix the problem:

1.       Open “Windows Firewall with Advanced Security” from the run/search box.

2.       Click on “Inbound Rules” in the tree.

3.       In the results panel find “Remote Administration (RPC)”, right click on it and select “Enable Rule”.

This entry was posted on Monday, February 14th, 2011 at 3:47 pm and is filed under Windows, Windows 2008.
You can follow any responses to this entry through the RSS 2.0 feed.
Both comments and pings are currently closed.

2 Responses to “Windows 2008 Firewall and Remote Administration”

  1. Andy G Says:
    April 10th, 2011 at 8:34 am

    Hello,

    i want to say thank you for a great job you’ve done on your blog. I have a software download website and I also

    write articles for people to help them
    with their computers and software. Is it possible to place this article on your blog as a guest post?

    Regards,
    Andy G.

  2. MW Says:
    December 13th, 2011 at 4:29 pm

    OK, works on individual pc, but how to setup group policy to enable for all computers on a domain

  • Channels

    • Beer (2)
    • Blog (1)
    • Exchange (2)
    • Ham Radio (1)
    • Homebrew (3)
    • Linux / Unix (4)
    • Misc (1)
    • Mods (4)
    • Networking (1)
    • Programming (4)
    • Recipes (2)
    • Scripts (7)
    • Security (1)
    • Software (2)
    • Spam (1)
    • Telco (7)
    • Virtual PC (1)
    • VMware (3)
    • VOIP (3)
    • Windows (16)
    • Windows 2008 (4)
    • Windows 7 (5)

  • Archives

    • September 2012
    • April 2012
    • March 2012
    • February 2012
    • January 2012
    • November 2011
    • September 2011
    • July 2011
    • April 2011
    • February 2011
    • January 2011
    • October 2010
    • August 2010
    • February 2010
    • January 2010
    • December 2009
    • November 2009
    • June 2009
    • May 2009
    • February 2009
    • January 2009
    • December 2008
    • November 2008
    • October 2008

  • Links

    • Blogarama Blogarama – The Blog Directory
    • BlogHub Blog Directory
    • Blogrankings Technology Blogs – Blog Rankings
    • Blogville.us blogville.us
    • Buzzerhut free directory | buzzerhut.com
    • Ontoplist Online Marketing
    • Primechoiceautoparts Discount Auto Parts
    • PTC My Employer
  
  Copyright - Bohack 2025 ©